﻿Imports System.Data.SqlClient
Imports System.Data
Partial Class addexisting
    Inherits System.Web.UI.Page
    Dim conn As New SqlConnection("Data Source=sql.bluetonemedia.com;Initial Catalog=BlueToneMediaDB;Persist Security Info=True;User ID=BTMWiz;Password=esquel4ma@gic")
    Dim Qry As String
    Dim dv As New DataView
    Private companyID As Integer

    Protected Sub Button1_Click(sender As Object, e As System.EventArgs) Handles Button1.Click
        Panel1.Visible = True

        Dim companyname As String

        companyname = ""

        Qry = "SELECT * FROM  Companys WHERE Name = '" & query.Text & "'"

        conn.Open()
        Dim Sample As New DataSet
        Dim Sql As New SqlDataAdapter(Qry, conn)
        Sql.Fill(Sample)
        dv.Table = Sample.Tables(0)


        If IsDBNull(dv(0)("Phone")) Then
            phone.Text = ""
        Else
            phone.Text = Server.HtmlDecode(dv(0)("Phone"))
        End If

        company.Text = Server.HtmlDecode(dv(0)("Name"))
        newphone.Text = Request.QueryString("num")
        companyID = Server.HtmlDecode(dv(0)("ID"))

        conn.Close()

        'Dim name() As String
        'Dim firstname As String
        'Dim lastname As String

        'firstname = ""
        'lastname = ""

        'name = Split(query.Text, " ")
        'firstname = name(0)
        'lastname = name(1)

        'Qry = "SELECT * FROM  Contacts WHERE FName = '" & firstname & "' AND LName = '" & lastname & "'"

        'conn.Open()
        'Dim Sample As New DataSet
        'Dim Sql As New SqlDataAdapter(Qry, conn)
        'Sql.Fill(Sample)
        'dv.Table = Sample.Tables(0)

        'first.Text = firstname
        'last.Text = lastname


        'If IsDBNull(dv(0)("Mobile")) Then
        '    mobile.Text = ""
        'Else
        '    mobile.Text = Server.HtmlDecode(dv(0)("Mobile"))
        'End If

        'companyID = Server.HtmlDecode(dv(0)("CompanyID"))

    End Sub

    Protected Sub Button2_Click(sender As Object, e As System.EventArgs) Handles Button2.Click
        Dim companyname As String
        Dim phonenum As String

        phonenum = ""
        companyname = ""

        Qry = "SELECT * FROM  Companys WHERE Name = '" & query.Text & "'"

        conn.Open()
        Dim Sample As New DataSet
        Dim Sql As New SqlDataAdapter(Qry, conn)
        Sql.Fill(Sample)
        dv.Table = Sample.Tables(0)


        If IsDBNull(dv(0)("Phone")) Then
            phonenum = ""
        Else
            phonenum = Server.HtmlDecode(dv(0)("Phone"))
        End If

        companyID = Server.HtmlDecode(dv(0)("ID"))

        Dim site As Integer
        Dim command As SqlCommand
        Dim queryString As String

        site = Server.HtmlDecode(dv(0)("SiteID"))
        conn.Close()

        Dim strClientIP As String
        strClientIP = Request.UserHostAddress()

        queryString = "INSERT INTO Comments (CompanyID, AuthorID, Comment, AuthorIP, SiteID, Type, Visible) VALUES (@companyid, '40284', @comment, '" & strClientIP & "', '" & site & "', 'customer rating comment', 'True')"


        command = New SqlCommand(queryString, conn)

        command.Parameters.Add(New SqlParameter("@companyid", SqlDbType.Int, 11))
        command.Parameters("@companyid").Value = companyID
        command.Parameters.Add(New SqlParameter("@comment", SqlDbType.NVarChar, 4000))
        command.Parameters("@comment").Value = "Phone number changed from " & phone.Text & " to " & newphone.Text
        command.Parameters.Add(New SqlParameter("@siteid", SqlDbType.Int, 11))
        command.Parameters("@siteid").Value = site

        command.Connection.Open()
        command.ExecuteNonQuery()

        ''Response.Write("Phone number changed from " & phonenum & " to " & phone.Text)

        queryString = "UPDATE Companys SET Phone = @phone WHERE ID = '" & companyID & "'"

        command = New SqlCommand(queryString, conn)

        command.Parameters.Add(New SqlParameter("@phone", SqlDbType.NVarChar, 50))
        command.Parameters("@phone").Value = newphone.Text

        'command.Connection.Open()
        command.ExecuteNonQuery()
        command.Connection.Close()

        'Response.Write("Phone number changed from " & mobilenumber & " to " & mobile.Text)


        'Dim name() As String
        'Dim firstname As String
        'Dim lastname As String
        'Dim site As Integer
        'Dim mobilenumber As String

        'mobilenumber = ""
        'firstname = ""
        'lastname = ""

        'name = Split(query.Text, " ")
        'firstname = name(0)
        'lastname = name(1)

        'Qry = "SELECT * FROM  Contacts as con, Companys as com WHERE con.FName = '" & firstname & "' AND con.LName = '" & lastname & "' and con.CompanyID = com.ID"

        'conn.Open()
        'Dim Sample As New DataSet
        'Dim Sql As New SqlDataAdapter(Qry, conn)
        'Sql.Fill(Sample)
        'dv.Table = Sample.Tables(0)

        'companyID = Server.HtmlDecode(dv(0)("CompanyID"))
        'site = Server.HtmlDecode(dv(0)("SiteID"))
        'mobilenumber = Server.HtmlDecode(dv(0)("Mobile"))

        'conn.Close()

        'Dim command As SqlCommand
        'Dim queryString As String

        'Dim strClientIP As String
        'strClientIP = Request.UserHostAddress()

        'queryString = "INSERT INTO Comments (CompanyID, AuthorID, Comment, AuthorIP, SiteID, Type, Visible) VALUES (@companyid, '40284', @comment, '" & strClientIP & "', '" & site & "', 'customer rating comment', 'True')"


        'command = New SqlCommand(queryString, conn)

        'command.Parameters.Add(New SqlParameter("@companyid", SqlDbType.Int, 11))
        'command.Parameters("@companyid").Value = companyID
        'command.Parameters.Add(New SqlParameter("@comment", SqlDbType.NVarChar, 4000))
        'command.Parameters("@comment").Value = "Phone number changed from " & mobilenumber & " to " & mobile.Text
        'command.Parameters.Add(New SqlParameter("@siteid", SqlDbType.Int, 11))
        'command.Parameters("@siteid").Value = site

        'command.Connection.Open()
        'command.ExecuteNonQuery()



        'queryString = "UPDATE Contacts SET Mobile = @mobile WHERE CompanyID = '" & companyID & "'"


        'command = New SqlCommand(queryString, conn)

        'command.Parameters.Add(New SqlParameter("@mobile", SqlDbType.VarChar, 50))
        'command.Parameters("@mobile").Value = mobile.Text

        ''command.Connection.Open()
        'command.ExecuteNonQuery()
        'command.Connection.Close()

        'Response.Write("Phone number changed from " & mobilenumber & " to " & mobile.Text)

Response.Redirect("display.htm")
    End Sub
End Class
